Vincent Ryan reports:
After being discovered, cybersecurity breaches are not consistently disclosed promptly, found an Audit Analytics study of public companies released on Friday. On average, publicly held companies took 53 days to disclose a breach incident after discovering it. The 53-day average disclosure timeframe is less than the 10-year average of 67 days, but it is the third-highest average in the last five years.
Companies took 37 days to disclose a breach at the median, the longest period recorded since 2016.
Read more on CFO. You can register to download Audit Analytic’s report here.